/**
 * 
 */
package com.thon.security;

import java.io.IOException;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.eis.SessionDAO;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authz.AuthorizationFilter;

/**
 * @file AnyRolesAuthorizationFilter.java
 * @author manpiaoyi
 * @mail manpiaoyi@126.com
 * @data 2014-10-28
 * @description: TODO
 */
public class kickOutFilter extends AuthorizationFilter {
	@Override
	public boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue)
			throws IOException {

		Subject subject = getSubject(request, response);
	
		Session session = subject.getSession();
		if(session.getAttribute("kickOut")!=null)
			{ subject.logout();
			return false;
			}
		return true;
	}
}
